Re: [PATCH] selftests/powerpc: Fix strncpy usage

2018-06-25 Thread Breno Leitao
hi Segher, On 06/22/2018 10:10 PM, Segher Boessenkool wrote: >> - strncpy(prog, argv[0], strlen(argv[0])); >> + if (strlen(argv[0]) >= LEN_MAX){ >> + fprintf(stderr, "Very big executable name: %s\n", argv[0]); >> + return 1; >> + } >> + >> + strn

Re: [PATCH] selftests/powerpc: Fix strncpy usage

2018-06-22 Thread Segher Boessenkool
Hi! On Fri, Jun 22, 2018 at 11:43:44AM -0300, Breno Leitao wrote: > On 06/21/2018 08:18 PM, Segher Boessenkool wrote: > > On Wed, Jun 20, 2018 at 07:51:11PM -0300, Breno Leitao wrote: > >> - strncpy(prog, argv[0], strlen(argv[0])); > >> + strncpy(prog, argv[0], sizeof(prog) - 1); > > > > st

Re: [PATCH] selftests/powerpc: Fix strncpy usage

2018-06-22 Thread Segher Boessenkool
On Fri, Jun 22, 2018 at 04:51:21PM +0200, Christophe LEROY wrote: > Le 22/06/2018 à 16:43, Breno Leitao a écrit : > >+ fprintf(stderr, "Very big executable name: %s\n", argv[0]); > >+ return 1; > >+ } > >+ > >+ strncpy(prog, argv[0], sizeof(prog) - 1); > > Y

Re: [PATCH] selftests/powerpc: Fix strncpy usage

2018-06-22 Thread Al Dunsmuir
On Friday, June 22, 2018, 11:15:29 AM, Paul Clarke wrote: > On 06/22/2018 09:43 AM, Breno Leitao wrote: >> If you don't mind, I would solve this problem slightly different, as it seems >> to be more readable. >> >> - strncpy(prog, argv[0], strlen(argv[0])); >> + if (strlen(argv[0]) >=

Re: [PATCH] selftests/powerpc: Fix strncpy usage

2018-06-22 Thread Paul Clarke
On 06/22/2018 09:43 AM, Breno Leitao wrote: > If you don't mind, I would solve this problem slightly different, as it seems > to be more readable. > > - strncpy(prog, argv[0], strlen(argv[0])); > + if (strlen(argv[0]) >= LEN_MAX){ > + fprintf(stderr, "Very big executable

Re: [PATCH] selftests/powerpc: Fix strncpy usage

2018-06-22 Thread Christophe LEROY
Le 22/06/2018 à 16:43, Breno Leitao a écrit : Hi Segher, On 06/21/2018 08:18 PM, Segher Boessenkool wrote: On Wed, Jun 20, 2018 at 07:51:11PM -0300, Breno Leitao wrote: - strncpy(prog, argv[0], strlen(argv[0])); + strncpy(prog, argv[0], sizeof(prog) - 1); strncpy(prog,

Re: [PATCH] selftests/powerpc: Fix strncpy usage

2018-06-22 Thread Breno Leitao
Hi Segher, On 06/21/2018 08:18 PM, Segher Boessenkool wrote: > On Wed, Jun 20, 2018 at 07:51:11PM -0300, Breno Leitao wrote: >> -strncpy(prog, argv[0], strlen(argv[0])); >> +strncpy(prog, argv[0], sizeof(prog) - 1); > > strncpy(prog, argv[0], sizeof prog); > if (prog[sizeof pr

Re: [PATCH] selftests/powerpc: Fix strncpy usage

2018-06-21 Thread Segher Boessenkool
On Wed, Jun 20, 2018 at 07:51:11PM -0300, Breno Leitao wrote: > - strncpy(prog, argv[0], strlen(argv[0])); > + strncpy(prog, argv[0], sizeof(prog) - 1); strncpy(prog, argv[0], sizeof prog); if (prog[sizeof prog - 1]) scream_bloody_murder(); Silently using t

[PATCH] selftests/powerpc: Fix strncpy usage

2018-06-20 Thread Breno Leitao
There is a buffer overflow in dscr_inherit_test.c test. In main(), strncpy()'s third argument is the lengh of the source, not the size of the destination buffer, which makes strncpy() behaves like strcpy(), causing a buffer overflow if argv[0] is bigger than LEN_MAX (100). This patch simply limit